Silobreaker’s Daily Cyber Alert is created and distributed automatically by using our award-winning intelligence product Silobreaker Online.

Heat - Trending Malware and Threat Actors

Name | Heat 1 | Heat 7 | Vol 1 | Vol 7
InvisiMole 4646
Gamaredon Group 1328
ACIDBOX 1023
Bundlore 55
GraceWire Malware 59
Maze Ransomware 1548
IcedID Trojan 516
Lazarus Group 417
APT29 39
Cobalt Group 22

Data Breaches

EduardKovacs - An analysis of the “Official Trump 2020” application revealed that keys to various parts of the app were being expo… https://t.co/4VWbLJzAxs [1]
EduardKovacs - Twitter - Jun 18 2020 07:14 [2]
An analysis of the “Official Trump 2020” application revealed that keys to various parts of the app were being exposed to attacks. https://www.securityweek.com/trumps-2020-reelection-app-exposed-secrets-keys

iblametom - Baby exposed to tear gas during BLM protest was foaming at the mouth, according to lawsuit filed by INDY BLM in Ind… https://t.co/sVABOqD9sC [3]
iblametom - Twitter - Jun 18 2020 12:20 [4]
Baby exposed to tear gas during BLM protest was foaming at the mouth, according to lawsuit filed by INDY BLM in Indianapolis... https://twitter.com/iblametom/status/1273591477520777218/photo/1

Maze Ransomware Gang Continues Data-Leaking Spree [5]
CUInfoSecurity - Jun 18 2020 19:05 [6]
Latest Named Victims Include Engineering Firm, Furniture Manufacturer, Pet Spa The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to...

iblametom - RT @guyverhofstadt: Russian disinformation operation against citizens in EU, UK & US exposed. “The intent appears to have been to stir up r… [7]
iblametom - Twitter - Jun 18 2020 09:36 [8]
RT @guyverhofstadt: Russian disinformation operation against citizens in EU, UK & US exposed. “The intent appears to have been to stir up racial & religious conflict in the target countries”. Putin plays with us at his will. Why do the...

Hacker Groups

Anonymous tweets ‘DDoS’; everyone freaks out [9]
TechBeacon - RSS - Jun 18 2020 11:21 [10]
Monday’s scare of a “major” denial-of-service attack turns out to have been just a BGP misconfiguration. Or some other fat-fingered change.

ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms [11]
CERT-EU VulnerabilitiesApplications - Jun 18 2020 12:49 [12]
What differentiates a truly advanced threat actor from a wannabe APT? Here are a few features that characterize the ‘top’ cyberespionage groups: The use of zero day exploits; Unknown, never identified infection vectors; Have compromised multiple...

Malware

Revisiting Ryuk: The Very Busy Ransomware Family [13]
Cyware - Jun 18 2020 13:01 [14]
The world, right now, has a lot on its hand to deal with and ransomware operators aren’t making it any easier. Take the case of Ryuk ransomware; it has dominated the ransomware landscape for the fourth consecutive quarter. The big picture Ryuk has...

Clipper Malware Operators Now Use Cloned Sites to Lure Victims [15]
Cyware - Jun 18 2020 19:01 [16]
Clipper malware are known for replacing the user’s cryptocurrency wallet address (a long and random string) with that of the hacker’s own wallet address, which is already difficult to keep a track due to its typical format. Recently, hackers were...

InfoSecHotSpot - AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit A “very rare” malware has been used by an unknown thr… https://t.co/8s4bK6gk8C [17]
InfoSecHotSpot - Twitter - Jun 18 2020 11:58 [18]
AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit A “very rare” malware has been used by an unknown threat actor in cyberattacks against two different Russian organizations in 2017. https://bit.ly/2N5dz0a...

InvisiMole malware delivered by Gamaredon hacker group [19]
BleepingComputer.com - Jun 18 2020 09:30 [20]
Security researchers have demystified the attack chain of the elusive InvisiMole cyberespionage group, revealing a complicated multi-stage format that relies on vulnerable legitimate tools, target-specific encryption of payloads, and stealthy...

Vulnerabilities

NA - CVE-2020-3244 - A vulnerability in the Enhanced Charging... [21]
CERT-EU VulnerabilitiesApplications - Jun 18 2020 08:26 [22]
A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The...

EduardKovacs - Drupal patches several vulnerabilities, including PHP code execution and cross-site request forgery (CSRF) flaws. https://t.co/juveGIuvKL [23]
EduardKovacs - Twitter - Jun 18 2020 12:47 [24]
Drupal patches several vulnerabilities, including PHP code execution and cross-site request forgery (CSRF) flaws. https://www.securityweek.com/drupal-patches-code-execution-flaw-most-likely-impact-windows-servers

NA - CVE-2020-3336 - A vulnerability in the software upgrade process... [25]
CERT-EU VulnerabilitiesApplications - Jun 18 2020 08:26 [26]
A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service (DoS) or gain...

NA - CVE-2020-3263 - A vulnerability in Cisco Webex Meetings Desktop... [27]
CERT-EU VulnerabilitiesApplications - Jun 18 2020 08:26 [28]
A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The...

Ongoing Campaigns

InvisiMole group targets military sector and diplomatic missions in Eastern Europe [29]
Security Affairs - Jun 18 2020 20:13 [30]
Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the ...

Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey [31]
Security Intelligence - Jun 18 2020 11:00 [32]
The Ginp mobile banking malware, which emerged in late 2019, is one of the top most prevalent Android banking malware families today. It started as a simple short message server (SMS) stealer and rapidly evolved into one of the most advanced...

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

[1] https://twitter.com/EduardKovacs/status/1273514444975374337
[2] https://twitter.com/EduardKovacs/status/1273514444975374337
[3] https://twitter.com/iblametom/status/1273591477520777218
[4] https://twitter.com/iblametom/status/1273591477520777218
[5] https://www.cuinfosecurity.com/blogs/maze-ransomware-gang-continues-data-leaking-spree-p-2908
[6] https://www.cuinfosecurity.com/blogs/maze-ransomware-gang-continues-data-leaking-spree-p-2908
[7] https://twitter.com/iblametom/status/1273550085893296130
[8] https://twitter.com/iblametom/status/1273550085893296130
[9] https://techbeacon.com/security/anonymous-tweets-ddos-everyone-freaks-out
[10] https://techbeacon.com/security/anonymous-tweets-ddos-everyone-freaks-out
[11] https://securelist.com/faq-the-projectsauron-apt/75533/
[12] https://securelist.com/faq-the-projectsauron-apt/75533/
[13] https://cyware.com/news/revisiting-ryuk-the-very-busy-ransomware-family-9950406f
[14] https://cyware.com/news/revisiting-ryuk-the-very-busy-ransomware-family-9950406f
[15] https://cyware.com/news/clipper-malware-operators-now-use-cloned-sites-to-lure-victims-111b5ede
[16] https://cyware.com/news/clipper-malware-operators-now-use-cloned-sites-to-lure-victims-111b5ede
[17] https://twitter.com/InfoSecHotSpot/status/1273585829722689537
[18] https://twitter.com/InfoSecHotSpot/status/1273585829722689537
[19] https://www.bleepingcomputer.com/news/security/invisimole-malware-delivered-by-gamaredon-hacker-group/
[20] https://www.bleepingcomputer.com/news/security/invisimole-malware-delivered-by-gamaredon-hacker-group/
[21] https://www.security-database.com/detail.php?alert=CVE-2020-3244&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[22] https://www.security-database.com/detail.php?alert=CVE-2020-3244&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[23] https://twitter.com/EduardKovacs/status/1273598330367619072
[24] https://twitter.com/EduardKovacs/status/1273598330367619072
[25] https://www.security-database.com/detail.php?alert=CVE-2020-3336&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[26] https://www.security-database.com/detail.php?alert=CVE-2020-3336&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[27] https://www.security-database.com/detail.php?alert=CVE-2020-3263&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[28] https://www.security-database.com/detail.php?alert=CVE-2020-3263&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Last100Alerts+%28Security-Database+Alerts+Monitor+%3A+Last+100+Alerts%29
[29] https://securityaffairs.co/wordpress/104942/apt/invisimole-campaign.html?utm_source=rss&utm_medium=rss&utm_campaign=invisimole-campaign
[30] https://securityaffairs.co/wordpress/104942/apt/invisimole-campaign.html?utm_source=rss&utm_medium=rss&utm_campaign=invisimole-campaign
[31] http://feedproxy.google.com/~r/SecurityIntelligence/~3/Stk80j8ASOQ/
[32] http://feedproxy.google.com/~r/SecurityIntelligence/~3/Stk80j8ASOQ/